EMEA A&C CCOE Partner Technology Cloud Engineering

Introducing Oracle Cloud Infrastructure Vulnerability Scanning Service

Mihai Dragomir
EMEA A&C Cloud Adoption & Implementation Consultant

Oracle Cloud Infrastructure puts the security of critical workloads at the center of our cloud infrastructure. This modern public cloud is built with the security required to protect your most valuable data.

According to the Oracle and KPMG Cloud Threat Report 2020, one of the key research findings is that Misconfigured cloud services are prevalent, problematic, and the top cloud security priority. A cloud security visibility gap has made hardening the configuration of cloud services a systematic challenge.

According to our respondents, Cloud consumption is creating visibility blind spots.


We believe that security should be easier for customers to implement and maintain; this is at the core of Oracle’s approach to cloud security. Our customers want a proactive approach that allows them to more quickly achieve a stronger security posture for their applications and infrastructure.

This what the Oracle Cloud Infrastructure (OCI) Vulnerability Scanning Service (VSS) provides - a simple, on by default, prescriptive, and free scanning suite that is tightly integrated with the OCI platform.

Read the official announcement here: Identity Weaknesses and Prevent Attacks with Oracle Cloud Infrastructure Vulnerability Scanning Service

Cloud security posture management (CSPM) is the answer to the increasing requirements for organizations to address cloud security risks and misconfigured public cloud services. The service is used for risk assessment, visualization, incident responses, compliance, monitoring, and DevOps integration. Customers typically adopt CSPM services to detect misconfigured resources, identify risky and insecure activity across cloud applications and services, and provide visibility to help security administrators triage and resolve cloud security issues.

Oracle Vulnerability Scanning Service helps improve your security posture in Oracle Cloud by routinely checking hosts for potential vulnerabilities. The service generates reports with metrics and details about these vulnerabilities.

The following diagram provides a high-level overview of the service.

The core capabilities of Vulnerability Scanning Service are:

  • Simple, on by default, prescriptive, and free scanning suite that is tightly integrated with the OCI platform
  • Offers default plugins and engines based on OCI created and open-source scanning engines for host and container scanning
  • OCI manages the deployment, configuration and upgrade of these engines and agents across the customer fleet
  • Problems detected by the scanning suite will be surfaced through Cloud Guard, with rules and ML to prioritize critical vulnerabilities
  • OCI will take action (alert, auto-remediate, or quarantine) through responders to shorten the time from detection to remediation, including through maximum security zones

Refer to the Vulnerability Scanning documentation to review the concepts, get started with the service or integration with Cloud Guard.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.